CVEs from 2021
Total
4,792
critical
critical 280
high
high 1,018
medium
medium 1,176
low
low 138
% Critical
5.8%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- communications_unified_inventory_management 7
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-21160 | high | — | 8.0 | — | Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2021-23974 | high | — | 8.0 | — | The DOMParser API did not properly process '<noscript>' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox < 86. | |||
| CVE-2021-39889 | high | — | 8.0 | — | multiple issues in gitlab | |||
| CVE-2021-47497 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells If a cell has 'nbits' equal to a multiple of BITS_PER_BYTE the logic … | |||
| CVE-2021-47101 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than sizeof(smsr) bytes and in this case smsr will be un… | |||
| CVE-2021-47432 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek() When we started spreading new inode numbers throughout most of the 64 bit inod… | |||
| CVE-2021-47495 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usbnet: sanity check for maxpacket maxpacket of 0 makes no sense and oopses as we need to divide by it. Give up. V2: fixed typo … | |||
| CVE-2021-47386 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for (va… | |||
| CVE-2021-47384 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field If driver read tmp value sufficient for (tmp… | |||
| CVE-2021-47352 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for used length (might come from an untrusted device) to avoid da… | |||
| CVE-2021-47466 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential memoryleak in kmem_cache_open() In error path, the random_seq of slub cache might be leaked. Fix this by… | |||
| CVE-2021-47582 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: core: Make do_proc_control() and do_proc_bulk() killable The USBDEVFS_CONTROL and USBDEVFS_BULK ioctls invoke usb_start_wait… | |||
| CVE-2021-47287 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free t… | |||
| CVE-2021-46984 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge() gets the ctx and hctx for the current CPU and passes th… | |||
| CVE-2021-47527 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: serial: core: fix transmit-buffer reset and memleak Commit 761ed4a94582 ("tty: serial_core: convert uart_close to use tty_port_cl… | |||
| CVE-2021-47289 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 ("ACPI: utils: Fix reference counting in for_each_acpi_dev_match()") start… | |||
| CVE-2021-47338 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fbmem: Do not delete the mode that is still in use The execution of fb_delete_videomode() is not based on the result of the previ… | |||
| CVE-2021-47609 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the b… | |||
| CVE-2021-47412 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block: don't call rq_qos_ops->done_bio if the bio isn't tracked rq_qos framework is only applied on request based driver, so: 1)… | |||
| CVE-2021-47097 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Input: elantech - fix stack out of bound access in elantech_change_report_id() The array param[] in elantech_change_report_id() m… | |||
| CVE-2021-47321 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This driver's remove path calls del_timer(). However, that func… | |||
| CVE-2021-47606 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2021-47257 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode i… | |||
| CVE-2021-46939 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that a fix to the ring buffer recursion detection would … | |||
| CVE-2021-47018 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Fix the definition of the fixmap area At the time being, the fixmap area is defined at the top of the address space o… | |||
| CVE-2021-47408 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: serialize hash resizes and cleanups Syzbot was able to trigger the following warning [1] No repro found by… | |||
| CVE-2021-47491 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened re… | |||
| CVE-2021-47624 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling pat… | |||
| CVE-2021-47468 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card->isac.release() function from an atomic c… | |||
| CVE-2021-47284 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: netjet: Fix crash in nj_probe: 'nj_setup' in netjet.c might fail with -EIO and in this case 'card->irq' is initializ… | |||
| CVE-2021-47461 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a race between writeprotect and exit_mmap() A race is possible when a process exits, its VMAs are removed by exi… | |||
| CVE-2021-47304 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized This commit fixes a bug (found by syzkaller) that could cause spuri… | |||
| CVE-2021-47596 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2021-47548 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2021-47356 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFC_cleanup() This module's remove path calls del_timer(). However, that function does not … | |||
| CVE-2021-47353 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udf_symlink function In function udf_symlink, epos.bh is assigned with the value returned by… | |||
| CVE-2021-47456 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF When remove the module peek_pci, referencing 'chan' again after releasing 'dev' will ca… | |||
| CVE-2021-47069 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry do_mq_timedreceive calls wq_sleep with a stack local add… | |||
| CVE-2021-46972 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ovl: fix leaked dentry Since commit 6815f479ca90 ("ovl: use only uppermetacopy state in ovl_lookup()"), overlayfs doesn't put tem… | |||
| CVE-2021-47310 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be used after free_netdev() call. Using priv after … | |||
| CVE-2021-47236 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it r… | |||
| CVE-2021-46909 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"… | |||
| CVE-2021-47311 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be used after free_netdev() call. Using adpt aft… | |||
| CVE-2021-47073 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios init_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on … | |||
| CVE-2021-43815 | high | — | 8.0 | 2y ago | directory traversal in grafana | |||
| CVE-2021-47579 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovl_create_real() Syzbot triggered the following warning in ovl_workdir_create() -> ovl_create_real(): if (… | |||
| CVE-2021-43975 | high | — | 8.0 | 3y ago | In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-… | |||
| CVE-2021-47515 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: seg6: fix the iif in the IPv6 socket control block When an IPv4 packet is received, the ip_rcv_core(...) sets the receiving inter… | |||
| CVE-2021-47221 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mm/slub: actually fix freelist pointer vs redzoning It turns out that SLUB redzoning ("slub_debug=Z") checks from s->object_size … | |||
| CVE-2021-33656 | high | — | 8.0 | 3y ago | When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. | |||
| CVE-2021-33655 | high | — | 8.0 | 3y ago | Important: kernel security, bug fix, and enhancement update | |||
| CVE-2021-47441 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling stat… | |||
| CVE-2021-35065 | high | — | 8.0 | 3y ago | RHSA-2023:1743: nodejs:14 security, bug fix, and enhancement update (Important) | |||
| CVE-2021-38578 | high | — | 8.0 | 3y ago | Important: edk2 security, bug fix, and enhancement update | |||
| CVE-2021-47560 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the d… | |||
| CVE-2021-26341 | high | — | 8.0 | 3y ago | Important: kernel security, bug fix, and enhancement update | |||
| CVE-2021-47592 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Prior… | |||
| CVE-2021-47671 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the functi… | |||
| CVE-2021-33631 | high | — | 8.0 | 3y ago | Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, … | |||
| CVE-2021-47393 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs Fan speed minimum can be enforced from sy… | |||
| CVE-2021-47455 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ptp: Fix possible memory leak in ptp_clock_register() I got memory leak as follows when doing fault injection test: unreferenced… | |||
| CVE-2021-47556 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce() ethtool_set_coalesce() now uses both the .get_coalesce() and .… | |||
| CVE-2021-47373 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fix potential VPE leak on error In its_vpe_irq_domain_alloc, when its_vpe_init() returns an error, there is a… | |||
| CVE-2021-3839 | high | — | 8.0 | 4y ago | Important: dpdk security and bug fix update | |||
| CVE-2021-42340 | high | — | 8.0 | 4y ago | The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics f… | |||
| CVE-2021-34485 | high | — | 8.0 | 4y ago | RHSA-2021:3148: .NET 5.0 security and bugfix update (Important) | |||
| CVE-2021-3632 | high | — | 8.0 | 4y ago | Keycloak allows anyone to register new security device or key for any user by using WebAuthn password-less login flow | |||
| CVE-2021-3513 | high | — | 8.0 | 4y ago | Incorrect implementation of lockout feature in Keycloak | |||
| CVE-2021-46784 | high | — | 8.0 | 4y ago | RHSA-2022:5526: squid:4 security update (Important) | |||
| CVE-2021-3697 | high | — | 8.0 | 4y ago | Important: grub2, mokutil, shim, and shim-unsigned-x64 security update | |||
| CVE-2021-3695 | high | — | 8.0 | 4y ago | Important: grub2, mokutil, shim, and shim-unsigned-x64 security update | |||
| CVE-2021-3696 | high | — | 8.0 | 4y ago | Important: grub2, mokutil, shim, and shim-unsigned-x64 security update | |||
| CVE-2021-43616 | high | — | 8.0 | 4y ago | The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the… | |||
| CVE-2021-21670 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21671 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-24112 | high | — | 8.0 | 4y ago | .NET Core Remote Code Execution Vulnerability | |||
| CVE-2021-21605 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21607 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21610 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21611 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21606 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21603 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21608 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21604 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21609 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-21602 | high | — | 8.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2021-44717 | high | — | 8.0 | 4y ago | RHSA-2021:5160: go-toolset:rhel8 security and bug fix update (Important) | |||
| CVE-2021-47076 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCAL_WRITE failures. This caused… | |||
| CVE-2021-42739 | high | — | 8.0 | 4y ago | The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles… | |||
| CVE-2021-29154 | high | — | 8.0 | 4y ago | BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/… | |||
| CVE-2021-44733 | high | — | 8.0 | 4y ago | A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a s… | |||
| CVE-2021-45485 | high | — | 8.0 | 4y ago | In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that… | |||
| CVE-2021-45486 | high | — | 8.0 | 4y ago | In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. | |||
| CVE-2021-43056 | high | — | 8.0 | 4y ago | An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmh… | |||
| CVE-2021-4197 | high | — | 8.0 | 4y ago | An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled… | |||
| CVE-2021-41864 | high | — | 8.0 | 4y ago | prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds wri… | |||
| CVE-2021-4157 | high | — | 8.0 | 4y ago | An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NF… | |||
| CVE-2021-4203 | high | — | 8.0 | 4y ago | A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker wit… | |||
| CVE-2021-43976 | high | — | 8.0 | 4y ago | In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_pan… | |||
| CVE-2021-3772 | high | — | 8.0 | 4y ago | A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used a… |